How to add private nuget source in dotnet dockerfile?
Solution 1
My current workaround is to create a copy of the nuget.config
with a packageSourceCredentials
section that contains placeholders for user name and password. I then replace my existing nuget.config
with this file and replace the user name and password with environment variables.
The only drawback is that I need to keep both config files in sync. If I modify my nuget.config
in the project I need to remember to update the copy as well.
nuget.config.template
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<add key="GitHub private registry" value="https://nuget.pkg.github.com/your_orga/index.json" />
</packageSources>
<packageSourceCredentials>
<GitHub_x0020_private_x0020_registry>
<add key="Username" value="USER" />
<add key="ClearTextPassword" value="PW" />
</GitHub_x0020_nuget_x0020_registry>
</packageSourceCredentials>
</configuration>
Dockerfile
FROM mcr.microsoft.com/dotnet/core/sdk:2.2 AS build-image
ARG NUGET_AUTH_TOKEN
ARG NUGET_USER_NAME
WORKDIR /app
COPY ./My.Project .
# Replace nuget.config
RUN rm nuget.config
COPY ./gitlab-ci/nuget.config.template ./nuget.config
RUN sed -i -e "s/USER/$NUGET_USER_NAME/g" -e "s/PW/$NUGET_AUTH_TOKEN/g" nuget.config
RUN dotnet restore
.gitlab-ci.yml
docker build
--build-arg NUGET_USER_NAME=$NUGET_USER_NAME
--build-arg NUGET_AUTH_TOKEN=$NUGET_AUTH_TOKEN
--tag $CI_REGISTRY/organization/application:$CI_COMMIT_SHA
--file gitlab-ci/Dockerfile
.
Solution 2
By adding a nuget.config to the solution/project and copying it into the Docker project:
WORKDIR /src
COPY ["nuget.config", ""]
You can add the source and then have success with your docker build.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
<add key="Nellson Nuget Repo" value="http://private.source.local:123/v3/index.json" />
</packageSources>
<activePackageSource>
<add key="NuGet official package source" value="https://api.nuget.org/v3/index.json" />
<add key="Nellson Nuget Repo" value="http://private.source.local:123/v3/index.json" />
</activePackageSource>
</configuration>
Solution 3
The nuget source
command is part of the nuget.exe command line interface, which can only be used on Linux in combination with Mono. Because the mcr.microsoft.com/dotnet/core/sdk image is a Linux container (Debian, to be precise) - you will need to install Mono and Nuget yourself in order to use that command. Your other option is to get the official Mono docker image and install .NET Core and NuGet.exe into that.
Solution 4
-
In your private feed if it's azure artifacts create a personal access token with full access.
-
Add a NuGet.Config file to the root of your project
<configuration> <packageSources> <add key="MyPrivateFeed" value="https://myfeed.url/index.json" /> </packageSources> <packageSourceCredentials> <MyPrivateFeed> <add key="Username" value="myusername" /> <add key="ClearTextPassword" value="xq6n4lvnayeo2f467osasdasdgj4nat7xw2mkm7qwowvqeutjdueq" /> <add key="ValidAuthenticationTypes" value="basic" /> </MyPrivateFeed> </packageSourceCredentials> </configuration>
the ClearTextPassword key is your PAT
-
Add these two-line to the copy section of your docker file
COPY "NuGet.Config" "/" RUN ["cp", "/NuGet.Config", "/root/.nuget/NuGet/NuGet.Config"]
and finally run your docker build it should be work.
Related videos on Youtube
jwillmer
Software Developer Focus: C# / ASP.Net MVC / Windows 10 / JS Mail: info [at] jwillmer [de]
Updated on September 15, 2022Comments
-
jwillmer over 1 year
I try to add (override) a private nuget source to my build script in order to add the user/pw - and keep it out of my source control. What I tried so far:
nuget
is not recognized as command inside the imagedotnet nuget
does not have the command to add additional sources- installing nuget does not effect
dotnet restore
FROM mcr.microsoft.com/dotnet/core/sdk:2.2 RUN apt-get update && apt-get install -y nuget RUN nuget source Add -Name "Private Feed" -Source ".." -UserName "UserVAR" -Password "PassVAR" RUN dotnet restore
-
David Clarke almost 3 yearsThat works but then you're committing credentials to your repo.
-
javidasd almost 3 yearswhen you have private repo you have no choice.
-
David Clarke almost 3 yearsYou can at least restrict the PAT to read packages only.
-
Fábio over 2 yearsThat's not quite accurate. You can pass credentials to the Dockerfile via arguments ARG password
-
Kamushek about 2 yearsWith this approach your username and token will end up in the image. You should use docker secret for that purpose. stackoverflow.com/questions/33621242/…